Establishing label switched paths having refresh interval independent fast reroute facility protection

ABSTRACT

In one example, techniques of this disclosure may enable a point of local repair (PLR) network device to signal availability of link protection or node protection to a merge point (MP) network device and enable a network device to actively determine whether or not it is a merge point router. Based on whether or not the network device determines it is a MP, the network device may selectively clean up LSP states when there is an upstream link or node failure. The RSVP-TE protocol may be extended to enable a network device to send a tear down message to a downstream router, which may enable the downstream router to conditionally delete locale LSP state information. In some instances, a PLR network device may directly send a tear down message to a MP network device even though the PLR network device may not have a working bypass LSP.

This application claims the benefit of India Patent Application No.5340/CHE/2014, filed Oct. 27, 2014, the entire content of which isincorporated herein by reference.

TECHNICAL FIELD

The disclosure relates to packet-based computer networks and, moreparticularly, to forwarding packets within computer networks.

BACKGROUND

Routing devices within a network, often referred to as routers, maintainrouting information that describes available routes through the network.Upon receiving an incoming packet, the routers examine informationwithin the packet and forward the packet in accordance with the routinginformation. In order to maintain an accurate representation of thenetwork, routers exchange routing information in accordance with one ormore defined routing protocols, such as the Open Shortest Path First(OSPF) or the Intermediate System to Intermediate System (ISIS).

Multi-protocol Label Switching (MPLS) is a mechanism used to engineertraffic patterns within Internet Protocol (IP) networks. By using MPLS,a source device can request a path through a network, i.e., a LabelSwitched Path (LSP). An LSP defines a distinct path through the networkto carry MPLS packets from the source device to a destination device. Ashort label associated with a particular LSP is affixed to packets thattravel through the network via the LSP. Routers along the pathcooperatively perform MPLS operations to forward the MPLS packets alongthe established path. LSPs may be used for a variety of trafficengineering purposes including bandwidth management and quality ofservice (QoS). A packet may be a formatted set of data.

A variety of protocols exist for establishing LSPs. For example, onesuch protocol is the label distribution protocol (LDP). Another type ofprotocol is a resource reservation protocol, such as the ResourceReservation Protocol with Traffic Engineering extensions (RSVP-TE).RSVP-TE uses constraint information, such as bandwidth availability, tocompute paths and establish LSPs along the paths within a network.RSVP-TE may use bandwidth availability information accumulated by alink-state interior routing protocol, such as the IntermediateSystem-Intermediate System (ISIS) protocol or the Open Shortest PathFirst (OSPF) protocol.

Head-end routers of an LSP are commonly known as ingress routers, whilerouters at the tail end of the LSP are commonly known as egress routers.Ingress and egress routers, as well as intermediate routers along theLSP that support MPLS, are referred to generally as label switchingrouters (LSRs). A set of packets to be forwarded along the LSP isreferred to as a forwarding equivalence class (FEC). A plurality of FECsmay exist for each LSP, although there may, in some examples, be onlyone active LSP for any given FEC. Typically, a FEC definition includesthe IP address of the destination for the packets traversing the LSP,e.g., a destination IP address within headers of packets transported bythe LSP. In general, each router along the LSP maintains FEC to NexthopLabel Forwarding Entry mapping that associates a FEC with an incominglabel and an outgoing label. The ingress LSR, referred to as a labeledge router (LER), uses label information, propagated upstream by eachLSR along a path from the egress LER, to affix a label to each packetdestined for the FEC, thereby admitting the packet to the LSP. Morespecifically, transport LSRs along the path use MPLS protocols toreceive MPLS label mappings from downstream LSRs and to advertise MPLSlabel mappings to upstream LSRs. When an LSR receives an MPLS packetfrom an upstream router, the LSR performs a lookup in the context andswaps the MPLS label according to the information in its forwardingtable based on the lookup and forwards the packet to the appropriatedownstream LSR or egress LER. The egress LER removes the label from thepacket and forwards the packet to its destination in accordance withnon-label based packet-forwarding techniques. If Penultimate Hop Popping(PHP) is enabled for the LSP, then the penultimate LSR removes the labelfrom the packet before forwarding to Egress LER.

SUMMARY

In general, this disclosure describes techniques for scaling an MPLSprotocol, such as RSVP-TE, in a manner that may be capable ofestablishing and maintaining a high volume of LSPs, such as multiplehundreds of thousands of LSPs. For example, in one exampleimplementation a refresh interval of the MPLS protocol is extended suchthat the number of messages exchanged between nodes in the LSP isreduced. However, extending the refresh interval may result in a buildup of stale state information among the network devices in an LSP. Inorder to extend the refresh interval while reducing the build up ofstale state information on the nodes, this disclosure describesadditional example implementations utilizing various modifications tothe MPLS protocol.

For example, this disclosure describes example implementations thatenable a point of local repair (PLR) router to signal availability oflink protection or node protection to a merge point (MP) router and thatenable a router to actively determine whether or not it is a merge pointrouter. Based on whether or not the router determines it is a mergepoint router, the router may selectively clean up LSP states stored bythe router when there is an upstream link or node failure.

As another example, techniques of this disclosure may provide a set ofextensions to the MPLS protocol, such as RSVP-TE, that may enable arouter to send a tear down message to a downstream router, which mayenable the downstream router to conditionally delete locale stateinformation for the LSP. In some instances, a PLR router may directlysend a tear down message to a merge point router even though the PLRrouter may not have a working bypass LSP and/or may not have alreadyrefreshed backup LSP state information. According to the techniques ofthis disclosure, the RSVP-TE extensions may be backwards compatible withrouters along the LSP that do not support these modifications to theRSVP-TE protocol.

In one example, a method includes receiving, with a first network deviceand from a second network device, a first resource reservation pathmessage for establishing a label switched path between the secondnetwork device and a third network device by way of the first networkdevice such that the first network device is positioned between thesecond network device and the third network device along the labelswitched path, wherein the first resource reservation request messagespecifies whether local protection is desired for the label switchedpath, and sending, by the first network device, the first resourcereservation path message to a next hop network device toward the thirdnetwork device along the label switched path. The method may alsoinclude, responsive to determining that the first resource reservationrequest message specifies that local protection is desired andresponsive to receiving a resource reservation resv message from thenext hop network device: establishing, by the first network device, abypass label switched path between the first network device and a mergepoint network device along the label switched path, wherein the bypasslabel switched path bypasses a protected network resource positionedalong the label switched path between the first network device and themerge point network device, generating, by the first network device, asecond resource reservation path message that specifies that localprotection has been established for the label switched path at the firstnetwork device, and sending, by the first network device and to the nexthop network device along the label switched path, the second resourcereservation path message.

In another example, a first network device includes one or more networkinterface cards and a control unit. The control unit is configured toreceive, from a second network device using at least one of the one ormore network interface cards, a first resource reservation path messagefor establishing a label switched path between the second network deviceand a third network device by way of the first network device such thatthe first network device is positioned between the second network deviceand the third network device along the label switched path, wherein thefirst resource reservation request message specifies whether localprotection is desired for the label switched path, and send the firstresource reservation path message to a next hop network device towardthe third network device along the label switched path. The control unitis further configured to, responsive to determining that the firstresource reservation request message specifies that local protection isdesired and responsive to receiving a resource reservation resv messagefrom the next hop network device: establish a bypass label switched pathbetween the first network device and a merge point network device alongthe label switched path, wherein the bypass label switched path bypassesa protected network resource positioned along the label switched pathbetween the first network device and the merge point network device,generate a second resource reservation path message that specifies thatlocal protection has been established for the label switched path at thefirst network device, and send, to the next hop network device along thelabel switched path using at least one of the one or more networkinterface cards, the second resource reservation path message.

In another example, a computer-readable storage medium is encoded withinstructions that, when executed, cause one or more programmableprocessors of a first network device to receive, from a second networkdevice, a first resource reservation path message for establishing alabel switched path between the second network device and a thirdnetwork device by way of the first network device such that the firstnetwork device is positioned between the second network device and thethird network device along the label switched path, wherein the firstresource reservation request message specifies whether local protectionis desired for the label switched path, and send the first resourcereservation path message to a next hop network device toward the thirdnetwork device along the label switched path. The instructions mayfurther cause the one or more processors to, responsive to determiningthat the first resource reservation request message specifies that localprotection is desired and responsive to receiving a resource reservationresv message from the next hop network device: establish a bypass labelswitched path between the first network device and a merge point networkdevice along the label switched path, wherein the bypass label switchedpath bypasses a protected network resource positioned along the labelswitched path between the first network device and the merge pointnetwork device, generate a second resource reservation path message thatspecifies that local protection has been established for the labelswitched path at the first network device, and send, to the next hopnetwork device along the label switched path, the second resourcereservation path message.

In another example, a method includes receiving, by a first networkdevice and from a second network device, a conditional pathtear message,wherein the second network device is positioned upstream from the firstnetwork device along a label switched path in a network. The method mayalso include, responsive to determining, by the first network device,that the first network device is a node protecting merge point networkdevice for the second network device along the label switched path:retaining, with the first network device, state information for thelabel switched path, and sending, from the first network device to athird network device, a resource reservation path message that specifieslocal protection and node protection of the label switch path are nolonger available at the second network device, wherein the third networkdevice is a nexthop for the first network device in a downstreamdirection along the label switched path.

In another example, a network device includes one or more networkinterface cards and a control unit. The control unit is configured toreceive, from a second network device using at least one of the one ormore network interface cards, a conditional pathtear message, whereinthe second network device is positioned upstream from the first networkdevice along a label switched path in a network. The control unit isfurther configured to, responsive to determining that the first networkdevice is a node protecting merge point network device for the secondnetwork device along the label switched path: retain state informationfor the label switched path, and send, to a third network device andusing at least one of the one or more network interface cards, aresource reservation path message that specifies local protection andnode protection of the label switch path are no longer available at thesecond network device, wherein the third network device is a nexthop forthe first network device in a downstream direction along the labelswitched path.

In another example, a method includes determining, by a network device,that a hello session with a previous hop network device is down, whereinthe network device and the previous hop network device a part of a labelswitched path in a network, and determining, by the network device,whether the network device is a merge point. The method may alsoinclude, responsive to determining that the hello session is down anddetermining that the network device is not the merge point: removing, bythe network device, state information for the label switched path storedat the network device, and sending, by the network device, to adownstream network device, a conditional pathtear message.

In another example, a network device includes one or more networkinterface cards and a control unit. The control unit is configured todetermine that a hello session with a previous hop network device isdown, wherein the network device and the previous hop network device apart of a label switched path in a network, and determine whether thenetwork device is a merge point. The control unit is further configuredto, responsive to determining that the hello session is down anddetermining that the network device is not the merge point: remove stateinformation for the label switched path stored at the network device,and send, to a downstream network device and using at least one of theone or more network interface cards, a conditional pathtear message,wherein the downstream network device is positioned downstream from thenetwork device along the label switched path

In another example, a method includes receiving, with a network deviceand from a previous hop network device, a pathtear message for a labelswitched path in a network, wherein the network device and the previoushop network device are label switched routers along the label switchedpath, responsive to determining, by the network device, that at leastone of a next hop network device of the network device or a link betweenthe network device and the next hop network device has failed, sending,by the network device to a next next hop network device of the networkdevice in a downstream direction along the label switched path, a remotepathtear message instructing the next next hop network device to removestate information for the label switched path, and, responsive todetermining that a link between the network device and the next hop hasfailed, sending, by the network device to the next hop network device,the remote pathtear message instructing the next hop network device toremove the state information for the label switched path.

In another example, a network device includes one or more networkinterface cards and a control unit. The control unit is configured toreceive, from a previous hop network device and using at least one ofthe one or more network interface cards, a pathtear message for a labelswitched path in a network, wherein the network device and the previoushop network device are label switched routers along the label switchedpath, responsive to determining that a next hop network device of thenetwork device has failed, send, to a next next hop network device ofthe network device in a downstream direction along the label switchedpath and using at least one of the one or more network interface cards,a remote pathtear message instructing the next next hop network deviceto remove state information for the label switched path, and, responsiveto determining that a link between the network device and the next hophas failed, send, to the next hop network device, the remote pathtearmessage instructing the next hop network device to remove the stateinformation for the label switched path.

In another example, a method includes receiving, by a first networkdevice and from a second network device, a remote pathtear message,wherein the first network device and the second network device are partof a label switched path in a network, determining, by the first networkdevice, whether the first network device is a merge point for the secondnetwork device, and, responsive to determining that the first networkdevice is the merge point for the second network device, removing, bythe first network device, path information for the label switchednetwork stored by the first network device.

In another example, a first network device includes one or more networkinterface cards and a control unit. The control unit is configured toreceive, from a second network device and using at least one of the oneor more network interface cards, a remote pathtear message, wherein thefirst network device and the second network device are part of a labelswitched path in a network, determine whether the first network deviceis a merge point for the second network device, and responsive todetermining that the first network device is the merge point for thesecond network device, remove path information for the label switchednetwork stored by the first network device.

In another example, a method includes receiving, by a network device andfrom an upstream network device, a resource reservation path message toestablish a label switched path, wherein the upstream network device ispositioned upstream from the network device along the label switchedpath, and determining, by the network device, based on the resourcereservation path message, whether the network device is a candidatemerge point for the label switched path. The method may also includedetermining, by the network device, whether there is a remote Hellosession between the network device and the upstream device, and,responsive to determining that the network device is a candidate mergepoint and determining that there is the remote Hello session with theupstream device, determining, by the network device, that the networkdevice is a merge point for the upstream device.

In another example, a network device includes one or more networkinterface cards and a control unit. The control unit is configured toreceive, from an upstream network device and using at least one of theone or more network interface cards, a resource reservation path messageto establish a label switched path, wherein the upstream network deviceis positioned upstream from the network device along the label switchedpath, and determine, based on the resource reservation path message,whether the network device is a candidate merge point for the labelswitched path. The control unit is further configured to determinewhether there is a remote Hello session between the network device andthe upstream device, and, responsive to determining that the networkdevice is a candidate merge point and determining that there is theremote Hello session with the upstream device, determine that thenetwork device is a merge point for the upstream device.

In another example, a computer-readable storage medium is encoded withinstructions that, when executed, cause one or more programmableprocessors of a first network device to receive, from an upstreamnetwork device, a resource reservation path message to establish a labelswitched path, wherein the upstream network device is positionedupstream from the network device along the label switched path, anddetermine, based on the resource reservation path message, whether thenetwork device is a candidate merge point for the label switched path.The instructions may further cause the one or more processors todetermine whether there is a remote Hello session between the networkdevice and the upstream device, and, responsive to determining that thenetwork device is a candidate merge point and determining that there isa remote Hello session with the upstream device, determine that thenetwork device is a merge point for the upstream device.

The details of one or more examples are set forth in the accompanyingdrawings and the description below. Other features, objects, andadvantages will be apparent from the description and drawings, and fromthe claims.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a block diagram illustrating an example system in whichrouters are configured to forward network traffic, in accordance withone or more techniques of this disclosure.

FIG. 2 is a block diagram illustrating an example embodiment of anetwork device, in accordance with one or more techniques of thisdisclosure.

FIG. 3 is a block diagram illustrating an example system in whichrouters are configured to establish an LSP, in accordance with one ormore techniques of this disclosure.

FIG. 4 is a conceptual diagram illustrating an example capability objectof a HELLO message, in accordance with one or more techniques of thisdisclosure.

FIG. 5 is a block diagram illustrating an example system in whichrouters are configured to respond to a link failure, in accordance withone or more techniques of this disclosure.

FIG. 6 is a conceptual diagram illustrating an example conditionsobject, in accordance with one or more techniques of this disclosure.

FIG. 7 is a block diagram illustrating an example system in whichrouters are configured to respond to a node failure, in accordance withone or more techniques of this disclosure.

FIG. 8 is a block diagram illustrating an example system in whichrouters are configured to respond to a different link failure, inaccordance with one or more techniques of this disclosure.

FIG. 9 is a block diagram illustrating an example system in whichrouters are configured to respond to a different node failure, inaccordance with one or more techniques of this disclosure.

FIG. 10 is a block diagram illustrating an example system in whichrouters are configured to respond to another, different link failure, inaccordance with one or more techniques of this disclosure.

FIGS. 11-14 are flowcharts illustrating example operations of networkdevices in accordance with the techniques of this disclosure

DETAILED DESCRIPTION

FIG. 1 is a block diagram illustrating an example network system 10 inwhich provider edge (PE) router 12A-B (“PE routers 12”) and routers16A-16F (“routers 16”) of network 14 are configured to forward networktraffic (e.g., network packets) in accordance with the techniques ofthis disclosure. In some examples, network 14 may be a service providernetwork. For example, network 14 may represent one or more networksowned and operated by a service provider (which is commonly a privateentity) that offer one or more services for consumption by subscribernetworks. In this context, network 14 is typically a layer three (L3)packet-switched network that provides L3 connectivity between a publicnetwork and one or more subscriber networks (not shown). Often, this L3connectivity provided by a service provider network is marketed as adata service or Internet service, and subscribers may subscribe to thisdata service. Network 14 may represent a L3 packet-switched network thatprovides data, voice, television and any other type of service forpurchase by subscribers and subsequent consumption by subscribernetworks.

While not shown in the example of FIG. 1, network system 10 may includeadditional service provider networks, subscriber networks and othertypes of networks, such as access networks, private networks, or anyother type of network commonly employed to deliver one or more services(such as data service, Internet Protocol Television (IPTV) service,voice over Internet Protocol (VoIP) service, video telephony service orany other type of service) to subscriber networks.

As shown in FIG. 1, routers 12, 16 operate a label switching routers(LSR) and utilize an MPLS protocol communicate label information so asto establish label switched path (LSP) 22. For purposes of example,techniques of this disclosure are described with respective to RSVP-TE,which represents an exemplary MPLS protocol in which LSRs allocatelabels and communicate label information to other LSRs. Example detailsof RSVP are described in Awduche, D., Berger, L., Gan, D., Li, T.,Srinivasan, V., and G. Swallow, “RSVP-TE: Extensions to RSVP for LSPTunnels”, RFC 3209, December 2001, the entire contents of which isincorporated herein by reference. Other example MPLS protocols fordistribution of MPLS labels include the Label Distribution Protocol(LDP) and BGP when used to distribute label mapping information. Exampledetails of these protocols are described in Andersson, L., Ed., Minei,I., Ed., and B. Thomas, Ed., “LDP Specification”, RFC 5036, October2007, and Rekhter, Y. and E. Rosen, “Carrying Label Information inBGP-4”, RFC 3107, May 2001, the contents of each of which areincorporated herein by reference.

In the example of FIG. 1, router 16A is a point of local repair (PLR)router along label switched path (LSP) 22. In the example of FIG. 1, PLRrouter 16A is a transit router, i.e., an intermediate router, along LSP22 and is neither an ingress router nor an egress router of LSP 22. Inthis example, PE router 12A is the ingress router of LSP 22 and PErouter 12B is the egress router of LSP 22. LSP 22 extends alongrespective paths that pass through PLR router 16A, links 20A-20C (“links20”), and router 16D.

PE routers 12 and routers 16 represent any network device that routes orotherwise forwards traffic through network 14 and that applies labelswapping operations to the network traffic. Typically, routers 12, 16represent a L3 packet-switching device that operates at L3 to exchangerouting information using a routing protocol, such as an InteriorGateway Protocol (IGP), describing a current topology of network 14.Routers 12, 16 process this routing information, selecting paths throughits representation of the topology of network 14 to reach all availabledestinations to generate forwarding information. In other words, routers12, 16 may reduce these paths to so-called “next hops” which identifyinterfaces to which to forward traffic destined for a particulardestination, where the forwarding information includes this list of nexthops. Routers 12, 16 install the forwarding information in a forwardingplane of the respective router, whereupon the forwarding plane forwardsreceived traffic in accordance with the forwarding information.

As shown in FIG. 1, PLR router 16A may have previously computed andsignaled bypass LSP 26 as a backup path for protecting router 16B, suchas by using the Resource Reservation Protocol with Traffic Engineeringextensions (RSVP-TE). In this example, PLR router 16A is the point oflocal repair for bypass LSP 26, and router 16C is the merge point (MP)for bypass LSP 26. Bypass LSP 26 is a tunnel that provides nodeprotection for router 16B between router 16A and router 16C, such thatif router 16B should fail, PLR router 16A can establish a backup LSPover bypass LSP 26 and send the network traffic received along anexisting LSP through the backup LSP. Router 16A may establish bypass LSP26 in accordance with MPLS fast reroute techniques, as described in P.Pan, “Fast Reroute Extensions to RSVP-TE for LSP Tunnels,” NetworkWorking Group RFC 4090, May 2005, the entire contents of which isincorporated by reference herein.

For example, as the point of local repair and ingress of bypass LSP 26,router 16A may establish bypass LSP 26 to protect one or more otherexisting LSPs (such as LSP 22) that traverse at least router 16A androuter 16B and do not traverse router 16E. In some examples, router 16Amay establish bypass LSP 26 upon successful establishment of LSP 22. Forexample, router 16A may receive an RSVP-TE RESV from downstream router16B and the RSVP-TE PATH previously received from upstream router 12Afor LSP 22 contained “local protection desired” flag set in RSVP-TESESSION_ATTRIBUTES object. After router 16A establishes bypass LSP 26,router 16A maintains forwarding information in a data plane of router16A that allows router 16A to send traffic through bypass LSP 26 ifrouter 16B fails.

Responsive to detecting a failed resource between PLR router 16A andmerge point router 16C (e.g., failure of router 16B, in the example ofFIG. 1), PLR router 16A may perform a reroute action to reroute for thetraffic LSP 22 onto a previously established bypass LSP 26. For example,PLR router 16A may update its stored forwarding state to change theprimary next hops for LSP 22, such as by setting a next hop for bypassLSP 26 as the primary next hop for traffic received for LSP 22.

RFC 4090 describes a facility backup method, which provides link or nodeprotection by pre-calculating a bypass path for the set of LSPstraversing a link. For example, responsive to failure of router 16B, PLRrouter 16A redirects traffic over bypass LSP 26 via a backup LSP fromPLR router 16A to MP router 16C. Because of the soft-state nature ofRSVP, PLR router 16A is also expected to signal the backup LSPs alongthe bypass LSP 26 towards MP router 16C. These backup LSPs help inmaintaining state across PLR router 16A and MP router 16C.

When attempting to scale RSVP-TE to establish and maintain a largenumber of LSPs (e.g., 50,000 LSPs, 100,000 LSPs, 500,000 LSPs, etc.), itmay be become difficult for routers 16 to handle the rate of RSVPprotocol messages that would be required to handle this large number ofLSPs. The rate of RSVP protocol messages is influenced by both triggeredand periodic messages. Triggered messages consist of initial PATH/RESVmessages during LSP setup and PATH/RESV messages during backup LSPestablishment after local repair (e.g., redirection of traffic overbypass LSP 26 following a failure of router 16B).

One mechanism to mitigate the RSVP message rate problem is to increasethe refresh interval of LSP states so that the routers may prioritizebackup LSP establishment and other triggered messages. If a largerefresh time can be complemented with RSVP refresh reduction extensionsdefined in RFC 2961, then RSVP-TE implementation can these applyextensions to avoid rapid retransmits to reliably convey any new stateor state change to neighboring router and avoid re-sending the entiremessage during refresh to neighboring router. Even though thecombination of large refresh time and reliable message delivery is onepotential solution described herein, there are additional challenges ifthe technique is applied to facility protection specified in RFC 4090,and the additional challenges are also addressed herein.

In examples where there is a large number of LSPs from PLR router 16A tomerge point (MP) router 16D that transit routers 16C and 16D, therefresh interval may be configured to be large (e.g., on the order ofminutes as opposed to seconds) and refresh reduction extensions areenabled on all routers 16. In the example shown in FIG. 1, nodeprotection has been configured for the LSPs and the LSPs are protectedby each router in the following way:

-   -   1. router 16A has made node protection available using bypass        LSP 26; router 16A is the point of local repair and router 16C        is Node Protecting Merge Point (NP-MP);    -   2. router 16B has made node protection available using bypass        LSP 28; router 16B is the point of local repair and router 16D        is the NP-MP; and    -   3. router 16C has made link protection available using bypass        LSP 30; router 16C is the point of local repair and router 16D        is the Link Protecting Merge Point (LP-MP).

Typically, if link 20B fails, the following is the sequence of eventsthat is expected to occur for all protected LSPs under normalconditions:

-   -   1. router 16B performs local repair and re-directs the traffic        for LSP 22 over the bypass LSP 28;    -   2. router 16B also creates backup state for the LSP and triggers        sending of backup LSP state to router 16D over the bypass LSP        28;    -   3. router 16D receives backup LSP states and merges the backups        with the protected LSPs; and    -   4. as the link on router 16C over which the LSP states are        refreshed has failed (i.e., link 20B), router 16C will no longer        receive state refreshes, which may result in the time out of the        protected LSP states on router 16C will time out and router 16C        will send tear down message for all LSPs.

However, this sequence of events may result in a number of additionalchallenges. For example, if the protected LSP on router 16C times outbefore router 16D receives signaling for the backup LSP, then router 16Dwould receive a PathTear message from router 16C prior to receivingsignaling for the backup LSP, thus resulting in deleting the LSP statefor LSP 22. As another example, if, upon the failure of link 20B, router16C is to keep state until its timeout, then with long refresh interval(e.g., of at least one minute) this may result in a large amount ofstale state on router 16C. Alternatively, if upon the failure of link20B, router 16C is to delete the state and send a PathTear message torouter 16D, router 16D would delete the state information, thus deletingLSP 22 from router 16D. As yet another example, if router 16A attemptsto tear down LSP 22 after router 16B performs local repair andre-directs the traffic for LSP 22 but before router 16B create backupstate for LSP 22 and triggers sending of backup LSP state to router 16D,then router 16B may receive the PathTear message before creating thebackup state for the LSP and may delete the LSP state from its statedatabase. As another example, if router 16B fails to perform localrepair, then router 16B will delete the LSP state from its statedatabase without informing router 16D.

In accordance with techniques of this disclosure, routers 12 and/orrouters 16 may be configured to operate according to modified MPLSprotocol signaling mechanisms, such as a modified RSVP-TE, so as toreduce or eliminate such problems. As one example, the techniques ofthis disclosure may enhance facility protection method defined in RFC4090 by, for example, introducing a merge point determination mechanismthat enables the point of local repair to signal availability of link ornode protection to the MP. The techniques may also provide techniquesfor handling upstream link or node failures by cleaning up LSP states ifthe node has not determined that it is a merge point by using the mergepoint determination mechanism. Moreover, the techniques of thisdisclosure may also introduce extensions to enable a router to send teardown message to downstream router that enables the receiving router toconditionally delete its local state. In some examples, the techniquesof this disclosure may also enhance facility protection by allowing apoint of local repair to directly send tear down message to merge pointwithout requiring the point of local repair to either have a workingbypass LSP or have already refreshed backup LSP state. According to thetechniques of this disclosure, the RSVP-TE extensions may be backwardscompatible with routers along the LSP that do not support thesemodifications to the RSVP-TE protocol. In this way, techniques of thisdisclosure may enable support for longer refresh intervals, such asintervals that are longer than or equal to one minute in duration,including two minutes, five minutes, 10 minutes, etc. as specified inthe RSVP PATH message.

FIG. 2 is a block diagram illustrating an example embodiment of anetwork device, in accordance with one or more techniques of thisdisclosure. Router 30 may, for example, represent any of routers 12 or16 of FIG. 1, such as PLR router 16A or MP router 16C, for example. Inthis example, router 30 includes a control unit 31 that comprises arouting component 32 and a forwarding component 34. In addition, router30 includes a set of interface cards (IFCs) 50A-50N (collectively, “IFCs50”) for communicating packets via inbound links 52A-52N (collectively,“inbound links 52”) and outbound links 54A-54N (collectively, “outboundlinks 54”). Router 30 also includes management interface 46 by which anadministrator (“ADMIN”), script, or network management system canconfigure router 30. In some examples, management interface 46 may bepresented locally, or may be used for receiving information by way of anApplication Programming Interface (API) from a Software Defined Network(SDN) controller or Path Computation Element (PCE), for example.

Routing component 32 primarily provides an operating environment forcontrol plane protocols 40. For example, one or more IGP routingprotocols 42, such as Intermediate System to Intermediate System (ISIS)routing protocol 42A, or the Open Shortest Path First (OSPF) routingprotocol 42B, maintain routing information 36 to reflect the currenttopology of a network and other network entities to which router 30 isconnected. In particular, IGPs 42 update routing information 36 toaccurately reflect the topology of the network and other entities.Router 30 may include other example routing protocols such as BorderGateway Protocol (BGP).

Routing component 32 generates and programs forwarding component 34 withFIB 38 that associates network destinations with specific next hops andcorresponding interfaces ports of IFCs 50 in accordance with routinginformation 36. Routing component 32 may generate FIB 38 in the form ofa radix tree having leaf nodes that represent destinations within thenetwork, for example.

Based on FIB 38, forwarding component 34 forwards packets received frominbound links 52A-52N to outbound links 54A-54N that correspond to nexthops associated with destinations of the packets. In one example,forwarding component 34 is a rich and dynamic shared forwarding plane,optionally distributed over a multi-chassis router. Moreover, forwardingcomponent 34 may be provided by dedicated forwarding integrated circuitsnormally associated with high-end routing components of a networkrouter. Further details of one example embodiment of router 30 can befound in U.S. Pat. No. 8,339,959, issued Dec. 25, 2012, entitled“STREAMLINED PACKET FORWARDING USING DYNAMIC FILTERS FOR ROUTING ANDSECURITY IN A SHARED FORWARDING PLANE,” the entire contents of which areincorporated herein by reference.

As shown in FIG. 2, protocols 40 executing within routing component 32includes one or more MPLS protocols for establishing a LSP, which may beaccumulated by IGPs 42. For example, RSVP-TE 45 may generate andmaintain a traffic engineering database (TED) 49, including bandwidthreservations for paths associated with MPLS LSPs. Constrained ShortestPath First (CSPF) process 48 computes a shortest path or paths for anMPLS LSP based on specified constraints and bandwidth availabilityinformation associated with the links within the network. IGPs 42 may,in turn, advertise the calculated bandwidth availability information inTED 49 to other peer routers. As another example, constrained LabelDistribution Protocol (CR-LDP) 44 may send and receive label mappingmessages for establishing a LSP.

Router 30 receives RSVP-TE PATH messages from PE routers 12A for settingup LSP 22. In response, RSVP-TE 45 of router 30 forwards the RSVP-TEPATH messages to router 16B, and also sends RSVP-TE RESV messages backto PE router 12A confirming the reservation of the requested bandwidth.RSVP-TE 45 may also inform IGPs 42, which in turn can update TED 49 withcurrent available bandwidth information. IGPs 42 may also forward theupdated current available bandwidth information to other IGP peers.RSVP-TE 45 may also store MPLS labels to FIB 38 for LSP 22.

Subsequent to LSP 22 being established, router 30 may, in some examples,detect a failure condition of a link, such as link 20A of FIG. 1. Forexample, connectivity fault detection module 62 may run a session onlink 20A, and can detect when link 20A fails. In some examples, the link20A is managed by the kernel of router 30, and the routing protocoldaemon (RPD) and/or RSVP-TE 45 is informed by the kernel if there is anychange. RSVP-TE 45 will react depending on its configuration. In theexample of a one-hop session (IGP) at a transit router adjacent to thefailed link, then a Periodic Packet Management Daemon (PPMD) (not shown)of routing component 32 may delegate connectivity fault detectionfunctionality to a forwarding component monitor module (e.g., pfemon).Otherwise, routing component 32 may do fault detection. Exampletechniques for connectivity fault detection in a multi-chassis routingsystem are described in U.S. Pat. No. 7,720,061, filed Aug. 18, 2006,entitled “Distributed Solution for Managing Periodic Communications in aMulti-Chassis Routing System,” the entire contents of which areincorporated by reference herein. In some examples, in response todetecting a failure condition of a protected resource between router 30and a merge point router (e.g., a failure of PLR router 16B positionedbetween PLR router 16A and MP router 16C as shown in FIG. 1),connectivity fault detection module 62 informs RSVP-TE 45 in the controlplane of router 30 of the detected condition. In other examples,connectivity fault detection module 62 may detect a node failurecondition, such as where an intermediate router is present on the pathbetween the router 30 and a merge point router.

Although illustrated for purposes of example as being positioned in theforwarding component 34 (e.g., in the forwarding plane of router 30),connectivity fault detection module 62 could alternatively be located inthe control plane of router 30, such as within routing component 32. Inthe case of connectivity fault detection module 62 being located in thecontrol plane, connectivity fault detection module 62 may poll theforwarding component 34 for statistics and information, and compare thedata received from forwarding component 34 to configured thresholds, forexample. In one example, connectivity fault detection module 62 maycomprise a software application programming interface (API) in thecontrol plane of router 30 that notifies notify the control plane of thestatus of aspects of forwarding component 34, such as next hoputilization statistics, and forwarding component 34 responds byproviding the requested statistics. In this case, connectivity faultdetection module 62 might perform bookkeeping/accounting of bandwidth inthe control plane, for example.

In accordance with the techniques of this disclosure, RSVP-TE 45operates in accordance with an RSVP-TE protocol that has been extendedto signal availability of link and/or node protection to a merge pointand to enable RSVP-TE 45 to determine if router 30 is a merge point.Based on whether or not RSVP-TE 45 determines router 30 is a merge pointrouter, RSVP-TE 45 may selectively clean up LSP states stored by router30 when there is an upstream link or node failure. For example, RSVP-TE45 may support extensions to the RSVP-TE protocol that may enable router30 to send a tear down message to a downstream router, which may enablethe downstream router to conditionally delete locate state informationfor the LSP. In some instances, router 30 may directly send a tear downmessage to a merge point router (e.g., MP router 16C of FIG. 1) eventhough router 30 may not have a working bypass LSP and/or may not havealready refreshed backup LSP state information. According to thetechniques of this disclosure, the RSVP-TE extensions may be backwardscompatible with routers along the LSP that do not support thesemodifications to the RSVP-TE protocol.

RSVP-TE 45 includes protection module 56, merge point (MP) determinationmodule 58, and teardown module 60. Protection module 56 set up linkand/or node protection and determines whether router 30 has made nodeand/or link protection available. In an example where router 30corresponds to router 16A of FIG. 1, router 30 receives a PATH messageof PE router 12A to set up LSP 22. Using the SESSION_ATTRIBUTE object ofthe PATH message, PE router 12A signals to router 30 that localprotection is desired (e.g., by setting a local protection flag of theSESSION_ATTRIBUTE object) and signals whether node protection is desired(e.g., by setting a node protection flag of the SESSION_ATTRIBUTEobject). Responsive to receiving the PATH message, protection module 56determines whether local protection and/or node protection for LSP 22 isdesired. If local protection is desired, but not node protection,protection module 56 attempts to make link protection available for theLSP once the LSP establishment is determined to be successful uponreceiving RESV message. If both local protection and link protection aredesired for LSP 22, protection module 56 attempts to make nodeprotection available upon receiving RESV message from downstream router.If protection module 56 successfully sets up node link protection,protection module 56 signals that node protection is available using anew PATH message and triggers the sending of the new PATH message. Ifprotection module 56 successfully sets up link protection, protectionmodule 56 signals that links protection is available using a new PATHmessage and triggers the sending of the new PATH message. If, aftersignaling local protection availability, protection module 56 determinesthat local protection is no longer available, protection module 56 mayreset the record route object (RRO) flags relating to protectionavailability and trigger a PATH message, including the reset RRO flags,to be sent downstream.

MP determination module 58 determines whether or not router 30 is amerge point (e.g., MP router 16D) for a PLR router (e.g., router 16B).In examples where router 30 receives a PATH message (e.g., where router30 is MP router 16D and receives the PATH message from router 16C ofFIG. 1), MP determination module 58 determines whether the PATH messageincludes one or more RRO flags set to indicate that local protection isavailable. If the RRO flags indicate that local protection is available,then MP determination module 58 determines if there is remote RSVP-TEHello session with the point of local repair (e.g., router 16B). Aremote RSVP-TE Hello session exists when two routers (e.g., router 30and router 16B) successfully exchange RSVP-TE Hello Request and Ackmessages. That is, if router 30 sends an RVSP Hello Request message torouter 16B and, in response, receives an RSVP Hello Ack message fromrouter 16B, router 30 determines that a remote Hello session existsbetween router 30 and router 16B. In some examples, the remote Hellosession may be between a router and a next next hop router or previousprevious hop router (e.g., in the example of FIG. 1, between router 16Aand router 16C, router 16B and 16D, etc.). If the RRO flags are set andthe remote Hello session is present, then MP determination module 58determines that router 30 is a merge point. If the PATH message does notinclude one or more RRO flags set to indicate that local protection isavailable or if MP determination module 58 determines that there is noremote Hello session with the point of local repair, MP determinationmodule 58 determines that router 30 is not a merge point.

Teardown module 60 determines when and what type of teardown message tosend and where to send the teardown message. Teardown module 60 may sendone or more of a PathTear message, a remote PathTear message, and aconditional PathTear message. A conditional PathTear message is amechanism by which router 30 signals to another router (e.g., router 16Cof FIG. 1) that router 30 does not require the receiving router tounconditionally delete the LSP state immediately. The receiving routermay delete the LSP state only if it is not a link protecting or a nodeprotecting merge point. In other words, the receiving router may beconfigured to delete the LSP state if there is no “remote” point oflocal repair path state on the receiving router. A remote PathTearmessage is a mechanism by which router 30 may enable LSP state clean upwhile LSP 22 is being locally repaired. The remote PathTear message maybe sent to the next next hop (i.e., the next hop of the next hop for theLSP) in instances of next hop node failure or to the next hop ininstances of link failure between the node and the next hop node andinstructs the receiving node to delete the LSP state information for LSP22.

FIG. 3 is a block diagram illustrating an example system in whichrouters are configured to establish an LSP, in accordance with one ormore techniques of this disclosure. Each of routers 16 may includeelements substantially similar to those of router 30 of FIG. 2. PErouter 12A may be configured to establish LSP 22 as a protected LSP toPE router 12B. In order to setup LSP 22 as a protected LSP, PE router12A sends a PATH message that includes a SESSION_ATTRIBUTE object havinga “local protection desired” flag set. If LSP were to be set up as anon-protected LSP, PE router 12A would sent a PATH message that does nothave the “local protection desired” flag set in the SESSION_ATTRIBUTE ofthe PATH message.

As shown in FIG. 1, router 16A is the first router along the path to PErouter 12B. Router 16A receives the PATH message from PE router 12A anddetermines whether PE router 12A is attempting to set up a protectedLSP. A protection module of router 16A (e.g., protection availabilitymodule 56 of FIG. 2) analyzes the PATH message to determine if theSESSION_ATTRIBUTE object includes a flag indicating that localprotection is desired. In the example shown in FIG. 2, the protectionavailability module determines that PE router 12A is attempting to setup a protected LSP (i.e., that the SESSION_ATTRIBUTE object includes the“local protection desired” set to indicate that location protection isdesired.

An RSVP-TE protocol executing at router 16A (e.g., RSVP-TE 45 of FIG. 2)sends, via link 20A, a PATH message downstream (i.e., to router 16B) tocontinue the LSP setup process. The PATH message sent to router 16Bincludes the location protection flag of the SESSION_ATTRIBUTE objectset the same way as was set in the PATH message router 16A received fromPE router 12A. That is, if the PATH message router 16A received from PErouter 12A indicated that local protection is desired, then the PATHmessage sent by router 16A also indicates that local protection isdesired. Routers 16 each analyze the PATH message received from theupstream device and send PATH messages to downstream devices until PErouter 12B (i.e., the egress router for the LSP) receives the PATHmessage. PE router 12B reserves resources and sends a RESV message backupstream to router 16D, which propagates the RESV message upstream torouter 16C and so on until PE router 12A receives the RESV message. Oncethe LSP is established, any of routers 16 may periodically send RSVPrefresh messages to refresh LSP state information on other routers 16.

Responsive to determining that location protection is desired, router16A determines whether a node protection flag is set in theSESSION_ATTRIBUTE object. If the node protection flag is set, theRSVP-TE protocol attempts to create a node protection bypass LSP to thenext next hop (i.e., router 16C) avoiding the next hop (i.e., router16B) on the protected LSP path once the protected LSP establishment issuccessful with the arrival of RESV message from next hop router (i.e.,router 16B). That is, router 16A establishes bypass LSP 26 thattraverses router 16E and bypasses router 16B. Router 16A may establishbypass LSP 26 in accordance with MPLS fast reroute techniques, asdescribed in RFC 4090. For example, as the point of local repair andingress of bypass LSP 26, router 16A may establish bypass LSP 26 toprotect, not only LSP 22, but also one or more other existing LSPs thattraverse at least routers 16A and router 16B and do not traverse router16E. After router 16A establishes bypass LSP 26, router 16A maintainsforwarding information in a data plane of router 16A (e.g., in FIB 38)that allows router 16A to send traffic through bypass tunnel 26 ifrouter 16B fails.

While selecting destination address of bypass LSP 26, router 16A mayattempt to select the router ID of the next next hop or next hop router.If router 16A and the merge point router (i.e., router 16C) are in sameIGP area and if the node ID is not included in the Record Route Object(RRO) of the RESV message received from router 16B, then router 16A mayutilize TED 49 to determine the router ID from the interface address inRRO. If router 16A and the next next hop merge point are in differentIGP areas, then router 16A may use the NodeID address of the next nexthop merge point if the node ID is included in the RRO of the RESVmessage received from router 16B. If the node ID is not included in theRRO of the RESV message, then router 16A should use the node protectingmerge point's interface address present in the RRO of the RESV message.Router 16A should use its router ID as the source address of bypass LSP26 and may include its router ID as the node ID in the PATH RRO message.

If router 16A is not able to set up node protection after some period oftime (i.e., node protection setup times out without bypass LSP 26 beingsetup), router 16A may attempt to create a link protection bypass LSP tothe next hop router (i.e., router 16B). In the example shown in FIG. 2,router 16A is able to establish bypass LSP 26. In various instances,even though router 16A is able to establish bypass LSP 26, router 16Amay be configured to also establish a link protection bypass LSP.

If the node protection flag is not set in the SESSION_ATTRIBUTE object,router 16A attempts to create a link protection bypass LSP without firstattempting to create a node protection bypass LSP. In general, a linkprotection bypass LSP avoids the link between a router and the next hop(i.e., link 20A between router 16A and 16B). Additional details withrespect to link-protection bypass LSPs will be discussed with respect torouter 16C and link protection bypass LSP 30.

In parallel to the attempt to create a node protection bypass LSP orlink protection bypass LSP, router 16A may initiate remote Hello sessionto the next next hop or next hop node to track the reachability of thenode protecting merge point or the link protecting merge point after anyfailure. The address of the remote neighbor is derived in the samemanner as the destination address of the node protection bypass LSP orlink protection bypass LSP. If the node protection bypass LSP (i.e., LSP26) comes up, then router 16A sets “local protection available” and“node protection available” RRO flags and triggers a new PATH message tobe sent from router 16A to router 16B. If the link protection bypass LSPcomes up, then router 16A would set “local protection available” RROflag and trigger a new PATH message to be sent to PLR router 16B.

A node ID based Hello session is one in which the node ID is used insource and destination address fields in an RSVP Hello message. RFC4558, “Node-ID Based Resource Reservation Protocol (RSVP) Hello: AClarification Statement,” by Ali et al., June 2006, the entire contentsof which is incorporated by reference herein, formalizes node ID-basedHello messages between two neighboring routers. The new proceduresdefined in the previous section extends the applicability of node IDbased Hello messages between two routers that may not have an interfaceconnecting them for exchanging RSVP messages.

As mentioned above, router 16A sends a PATH message downstream to router16B, where the PATH message includes the “local protection desired” flagset. Router 16B propagates the PATH message downstream until the PATHmessage reaches the egress router (e.g., PE router 12B of FIG. 1) forthe protected LSP (e.g., LSP 22 of FIG. 1). The egress router sends aRESV upstream (e.g., to router 16D), indicating that the egress routerhas reserved resources for LSP 22. Router 16D also sends a RESV messageupstream to router 16C.

Router 16C receives the RESV message from router 16D and determines thata link protection bypass LSP needs to be created. Router 16C initiatescreation of a link protection bypass LSP (e.g., link protection bypassLSP 30), sends a Hello message to router 16D to establish a NodeID Hellosession, and sends a RESV message to router 16B. Once router 16Cdetermines that link protection bypass LSP 30 has been successfullycreated, router 16C sends a RESV message and a PATH message, each havingan RRO flag set, indicating link protection is available for link 20C.Router 16C sends the RESV message upstream to router 16B and sends thePATH message downstream to router 16D. Router 16D receives the PATHmessage having the RRO “local protection available” flag and, based onthe RRO flag, a merge point determination module of router 16D (e.g.,merge point determination module 58 of FIG. 2) determines that router16D is a link protecting merge point for router 16C.

When the next next hop (in the case of node protection) or next hop (inthe case of link protection) router receives the triggered PATH with RROflag(s) set, the router checks for the presence of a NodeID Hellosession with point of local repair so that the router can detect if thenetwork being partitioned. For example, if router 16D receives thetriggered PATH message from router 16C, router 16D checks if it has theNodeID Hello session with router 16C. If the flags are set and theNodeID Hello session is present, router 16D determines that protectionhas been made available at router 16C. If router 16C has included a nodeID in triggered PATH RRO, then the included node ID is the remoteneighbor address. Otherwise, the interface address of router 16C asspecified in the PATH RRO is used as the remote neighbor address. If the“node protection available” flag is set by the previous previous hoprouter (e.g., router 16B), then router 16D determines that it is a nodeprotecting merge point. Otherwise, router 16D determines that it is alink protecting merge point.

Once a router determines it is a merge point (e.g., router 16Ddetermines it is a link protecting merge point or router 16C determinesit is a node protecting merge point), the router creates “remote” LSPpath state information. The “remote” LSP state information issubstantially the same as the protected LSP state except for adifference in the HOP object that contains the address of the NodeIDHello session with the point of local repair. The merge point routershould automatically delete the “remote” state if:

-   -   the merge point is a node protecting merge point and it receives        a PATH message later with “NP available” flag reset in the PATH        RRO flags received from the point of local repair;    -   the merge point is a link protecting merge point and it receives        a PATH message later with “local protection available” flag        reset in the PATH RRO flags received from the point of local        repair;    -   NodeID Hello session with the point of local repair goes down;    -   the merge point receives backup LSP signaling from the point of        local repair, which overrides the “remote” state;    -   the merge point receives a PathTear message; or    -   the merge point deletes the LSP state.

As mentioned above, when router 16C establishes link protection bypassLSP 30, router 16C sends a RESV message to router 16B. Router 16Breceives the RESV message and initiates creation of a node protectionbypass LSP (e.g., node protection bypass LSP 28), sends a Hello messageto router 16D to establish a NodeID Hello session, and sends a RESVmessage to router 16A. Once router 16B determines that node protectionbypass LSP 28 has been successfully created, router 16B sends a RESVmessage to router 16A and a PATH message to router 16C, each having anRRO flag set, indicating node protection is available. Router 16Creceives the PATH message having the RRO “node protection available”flag set and propagates the PATH message. Router 16D receives the PATHmessage propagated by router 16C and a merge point determination moduleof router 16D (e.g., merge point determination module 58 of FIG. 2)determines that router 16D is a node protecting merge point for router16B.

Router 16A receives the RESV message from router 16B and initiates thecreation of a node protection bypass LSP (e.g., node protection bypassLSP 26) and sends a Hello message to router 16D to establish adjacencysignaling. Once router 16A determines that node protection bypass LSP 26has been successfully created, router 16A sends a PATH message to router16B with an RRO flag set indicating node protection is available. Router16B receives the PATH message having the RRO “node protection available”flag propagates the PATH message. Router 16C receives the PATH messagepropagated by router 16B and a merge point determination module ofrouter 16C (e.g., merge point determination module 58 of FIG. 2)determines that router 16C is a node protecting merge point for router16A. However, router 16C does not propagate the PATH message to router16D.

Whenever a router receives a PATH message, the router should check ifthe only change is in RRO flags. If the change is only in PATH RROflags, then the router should decide whether to propagate the PATH basedon the following rules:

-   -   If “node protection desired” flag is set and “node protection        available” flag has changed in previous hop's RRO flags, then        PATH is triggered; and    -   In all other cases the change is not propagated.

In general, when the next next hop router or next hop router receivesthe triggered PATH with RRO flag(s) set, the router determines thatprotection has been made available at the point of local repair. As anadditional check to detect whether the network is partitioned, therouter may check for the presence of a NodeID Hello session with thepoint of local repair. If the point of local repair has included a nodeID in the PATH RRO, then that node ID is the remote neighbor address.Otherwise, the point of local repair's interface address in specified inthe PATH RRO is used as the remote neighbor address. If the “NPavailable” flag is set by previous previous hop router, the router thatreceives the propagated PATH message determines it is a node protectingmerge point. Otherwise, the router determines that it is a linkprotecting merge point. However, a router may be both a link protectingmerge point and a node protecting merge point. As shown in FIG. 3,router 16D is a link protecting merge point for router 16C and linkprotection bypass LSP 30 as well as a node protecting merge point forrouter 16B and node protection bypass LSP 28.

Techniques of this disclosure also provide for backwards compatibilityfor routers that do not support the enhanced fast reroute (FRR) facilityprotection techniques described herein. In this disclosure, enhanced FRRfacility protection may also be referred to as “enhanced facilityprotection” or “enhanced fast reroute.” Routers configured in accordancewith the backwards compatibility techniques may support backwardcompatibility for a subset of LSPs configured on the routers. That is, arouter may simultaneously support both LSPs that only traverse routersthat support the FRR enhancements described herein, LSPs that traverserouters that only support conventional FRR techniques, and LSP thattraverse some routers that only support conventional FRR techniques androuters that support the FRR enhancements described herein.

There are at least two possible approaches to determine whether nodesalong the LSP path support enhanced facility protection specified inprevious sections. The first approach is based on signaling enhancementwhere any router implementing the FRR enhancements would set a new flag(e.g., an “enhanced facility protection” flag) in the RRO carried inPATH and RESV messages to indicate support for the FRR enhancements.Using this approach, a router may determine whether a previous previoushop or previous hop router supports the FRR enhancements based on thePATH RRO flags included in PATH messages received from the previousprevious hop or previous hop. Similarly, a router may determine whethera next next hop or next hop router supports the FRR enhances based onthe RESV RRO flags included in RESV messages received from the next nexthop or next hop. In some examples, any router that sets the “enhancedfacility protection” flag may also set a Refresh-Reduction-Capable flagin the common header of all RSVP messages. The Refresh-Reduction-Capableflag indicates that the router supports increased refresh intervals ofLSP states (e.g., refresh intervals of at least one minute).

The second approach for providing backward compatibility is based onadvertising support for FRR enhancements by setting a new flag “Enhancedfacility protection” in the CAPABILITY object of Hello messages. Theformat of the CAPABILITY object of a Hello message is shown in FIG. 4.As a router that supports the FRR enhancements typically initiatesHellos with an adjacent router, the router can determine whether aprevious hop or next hop neighbor supports the FRR enhancements based onthe Hello messages sent by the neighbor. If a router attempts to makenode protection available, then the point of local repair may initiate aremote NodeID Hello session with the next next hop. If the next next hop(a) does not reply to a remote Hello message or (b) does not set the“Enhanced facility protection” flag in the CAPABILITY object in thereply, then the point of local repair determines that the next next hopdoes not support FRR enhancements. If node protection is requested foran LSP and if (a) the previous previous hop router has not set “localprotection available” and “NP available” flags in its RRO flags or (b)the previous previous hop router has not initiated remote Hellomessages, then the router determines that the point of local repair doesnot support FRR enhancements.

If one or more downstream routers do not support the FRR enhancements, arouter may generate PATH messages with different parameters than if thedownstream routers supported the FRR enhancements. For example, if thenext hop router does not support enhanced facility protection, then therouter may reduce the “refresh period” in TIME_VALUES object carried inPATH messages to a default small refresh time value. If node protectionis requested and the next hop router or the next next hop router doesnot support the FRR enhancements, then the router may reduce the“refresh period” in TIME_VALUES object carried in PATH to default value.If the router reduces the refresh time, the router may also refrain fromsending Remote PathTear and/or Conditional PathTear messages.

As one example, consider the example topology in FIG. 2. If router 16Cdoes not support enhanced facility protection, then routers 16A and 16Bshould reduce the refresh time to a shorter time period, such as 10seconds, 30 seconds, 45 seconds, etc. and trigger sending of a PATHmessage. If router 16B is not an merge point and if the previous hoplink of router 16B fails (e.g., link 20A), router 16B cannot send aConditional PathTear to router 16C but may allow the LSP state fromrouter 16A to time out normally. This would be accomplished if router16A would also reduce the refresh time to a default value. That is, ifrouter 16C does not support enhanced facility protection, then previoushop router 16B and previous previous hop router 16A should each reducethe refresh time specified in the PATH messages to a default value thatis shorted that would otherwise be specified.

If one or more upstream routers do not support the FRR enhancements, arouter may generate RESV messages with different parameters than if theupstream routers supported the FRR enhancements. For example, of theprevious hop router does not support enhanced facility protection, thenthe router should reduce the “refresh period” in TIME_VALUES objectcarried in RESV to a default small refresh time value. If nodeprotection is requested and the previous hop router does not support theFRR enhancements, then the router should reduce the “refresh period” inTIME_VALUES object carried in PATH to a default value. If nodeprotection is requested and the previous previous hop node does notsupport the FRR enhancements, then the router should reduce the “refreshperiod” in TIME_VALUES object carried in RESV to a default value. If therouter reduces the refresh time from the above procedures, the routermay also refrain from performing the merge point determinationprocedures described herein.

After signaling protection availability, if router 16A determines thatthe protection is unavailable (e.g., due to a link and/or node failure),router 16A may attempt to make protection available. That is, if bypassLSP 26 becomes unavailable, router 16A may attempt to establish adifferent bypass LSP. Router 16A may wait for a time out beforeresetting RRO flags relating to protection availability and triggering anew PATH message to be sent downstream. If router 16A is able toestablish an alternate bypass LSP, router 16A need not wait for the timeout to set RRO flags relating to protection availability and mayimmediately trigger a new PATH message to be sent downstream.

FIG. 4 is a conceptual diagram illustrating an example capability objectof a HELLO message, in accordance with one or more techniques of thisdisclosure. As discussed with respect to FIG. 3, one mechanism by whicha router may provide backwards compatibility includes modifying theCAPABILITY object of Hello messages. The Hello message includes a commonheader, an INTEGRITY object, a HELLO object, a RESTART CAP object, and aCAPABILITY object.

As shown in FIG. 4, CAPABILITY object 70 includes a Length field, aClass-Num field, a C-Type field, a Reserved portion, and a series offlag bits—E, T, R, and S. The Length field specifies the length of theCAPABILITY object. The Class-Num field specifies the class number forthe object. As the CAPABILITY object is assigned the class number of134, the Class-Num field is set to 134. The C-Type field indicates theclass type for the object within the class number. The CAPABILITY objectis assigned class type 1, so the C-type field is set to 1. The reservedportion of the capability object is reserved for future use. The T-bitis the RecoveryPath Transmit Enabled bit and when set (i.e., is thevalue 1), the T bit indicates that the sending node is enabled to sendRecoveryPath messages. The R-bit is the RecoveryPath Desired bit that,when set, indicates that the sending node desires to receiveRecoveryPath messages. The S-bit is the RecoveryPath Srefresh Capablebit. In combination with the R-bit, the S-bit indicates that the sendingnode is capable of receiving and processing Srefresh messages with theRecoveryPath Flag set in the MESSAGE_ID LIST object.

In accordance with the techniques of this disclosure, the CAPABILITYobject is modified to include E-bit 72. E-bit 72 is created by using onebit from the reserved space. E-bit 72 indicates that the sender supportsenhanced FRR facility protection. If E-bit 72 is set (i.e., the value ofE-bit 72 is 1), the sender is indicating that it supports enhanced FRRfacility protection. If E-bit 72 is not set (i.e., the value of E-bit 72is 0), the sender is indicating that it does not support enhanced FRRfacility protection. In this way, the CAPABILITY object of the Hellomessage may be used to signal whether or not a node supports theenhanced facility protection techniques described in this disclosure. Ifthe sender has not included CAPABILITY object in Hello message, then thesender is considered not to support enhanced FRR facility protection.

FIG. 5 is a block diagram illustrating an example system in whichrouters are configured to respond to a link failure, in accordance withone or more techniques of this disclosure. As shown in FIG. 5, router16A has become unavailable due to the failure of link 20A and router 16Bis not a link protecting or a node protecting merge point. As router 16Bis not a merge point, when router 16B detects that router 16A has becomeunavailable along the previously established LSP path (i.e., due to linkor node failure), router 16B sends a Conditional PathTear message 80 torouter 16C via link 20B and deletes the LSP state information for theLSP.

Routers 16 may detect when a neighboring node becomes unavailable byexchanging Hello messages. For example, router 16B may send a HelloRequest message to router 16A and router 16A responds with a Hello Ackmessage. If router 16B does not receive a Hello Ack message in responseto the Hello Request message within a configured timeout period, router16B may determine that router 16A is unavailable. In general, aneighboring node may become unavailable due to a link and/or nodefailure.

When the link to a point of local repair fails (e.g., link 20A betweenrouters 16A and 16B), the link Hello session to the point of localrepair (e.g., between routers 16A and 16B) will fail whereas the remoteNodeID Hello session to the point of local repair will remain up (e.g.,between routers 16A and 16C). Because the remote NodeID Hello sessionremains up, the merge point will retain state until a refresh timeoutbecause of the presence of “remote” path state. However, if router 16Bwere to send a typical PathTear message, then router 16C would deleteLSP state upon receipt of the PathTear message instead of retaining thestate information. In order to avoid router 16C prematurely deleting thestate information, router 16B includes a new optional object in thePathTear message. A PathTear message that includes the optional objectis referred to herein as a “Conditional Path Tear” message. If router16C also understands the new object, then router 16C should delete LSPstate only if it is not a node protecting merge point. In other words,router 16C should delete LSP state if there is no “remote” point oflocal repair path state on router 16C.

A node (e.g., router 16B) may send a Conditional PathTear if router 16Bdetermines to delete the LSP state under the following conditions:

-   -   the LSP ingress (e.g., PE router 12A of FIG. 1) requested node        protection for the LSP; and    -   the node has not received a PathTear message from an upstream        node; and    -   the node is not a merge point and the previous hop link or        previous hop NodeID Hello session goes down.        The node may send a Conditional PathTear message upon deleting        the LSP state information stored at the node in order for the        node's next hop node to retain state if the next hop node is a        node protecting merge point. In other words, in the example of        FIG. 5, router 16B sends a Conditional PathTear message to        router 16C when PE router 12A requested node protection for LSP        22, router 16B has not received a conventional PathTear message        from router 16A or any other upstream router, and the link or        node Hello session with router 16A goes down.

If router 16B were to receive a Conditional PathTear message, router 16Bis configured to delete its LSP state information and process theConditional PathTear as a normal PathTear message because router 16B isnot a node protecting merge point. Router 16B may not propagate theConditional PathTear message downstream (i.e., to router 16C) but,instead, removes the optional object and sends a normal PathTear messagedownstream.

When router 16C receives the Conditional PathTear message from router16B, router 16C does not immediately delete its LSP state information.Instead, router 16C checks whether router 16B previously set “NPavailable” flag in the PATH message RRO flags. If router 16B previouslyset the flag, then router 16C should clear “local protection available”and “NP available” flags in the PATH message RRO flags and triggersending the PATH message downstream (e.g., to router 16D).

Techniques of this disclosure also provide for backwards compatibilityfor nodes that do not support the enhanced facility protectiontechniques described herein. For example, if a Conditional PathTearmessage is received from a neighbor that has not advertised support forenhanced facility protection, then the node processes the message asnormal PathTear message, propagates a normal PathTear messagedownstream, and delete its LSP state information. In other words, ifrouter 16C did advertise enhanced facility protection in Hello messages,but propagated a Conditional PathTear message to router 16D, which doessupport enhanced facility protection, router 16D may ignore the newobject defining the PathTear message as a Conditional PathTear messageand process the Conditional PathTear message as if it were a normalPathTear message. That is, router 16D may delete its LSP stateinformation and propagate a normal PathTear message downstream.

If an upstream link that is not attached to a node protecting mergepoint fails and the node protecting merge point receives a ConditionalPathTear message from the previous hop node, then the merge point mayretain the LSP state information as long as the remote NodeID Hellosession with the point of local repair is up because the ConditionalPathTear from the previous hop node will not impact the “remote” pathstate from the point of local repair. For example, if link 20A fails,router 16C receives a Conditional PathTear message from router 16B. Asrouter 16C is the node protecting merge point for router 16A and bypassLSP 26, router 16C is configured to retain the LSP state information aslong as routers 16A and 16C are able to continue to exchange Hellomessages (i.e., as long as the remote NodeID Hello session with thepoint of local repair is up). If router 16C does not receive a Hello Ackin response to a Hello Request (e.g., the remote Hello session is down),router 16C may delete the LSP state information.

In the example shown in FIG. 5, assume routers 16C and 16D are nodeprotecting merge points for routers 16A and 16B, respectively. When link20A fails, as router 16B is not a merge point and its previous hop linkHello session has failed, router 16B deletes its LSP state information.In the data plane, that would require router 16B to delete the labelforwarding entry corresponding to LSP 22. So if router 16B's downstreamnodes (i.e., router 16C and 16D) continue to retain LSP stateinformation, it would not be correct for router 16D to continue toassume that it is the node protecting merge point for router 16B. Thereare several different ways to address this problem. In one example, asrouter 16B had previously signaled node protection availability, router16B may signal lack of node protection availability before sending theConditional PathTear message to router 16C. Router 16B may trigger aPATH message, wait for a PATH Ack in response to the PATH message, and,in response to receiving the PATH Ack, send the Conditional PathTearmessage to router 16C. Router 16B may include both PATH with updated RROflags and Conditional PathTear in a message bundle.

As another example, router 16B may send a Conditional PathTear message80 to router 16C via link 20B and let router 16C interpret theConditional PathTear message as implicit signaling of the lack of nodeprotection availability. In this example, router 16C should then updatethe PATH RRO flags for router 16B to signal router 16D that nodeprotection is no longer available on router 16B. In general, to processto update the PATH RRO flags includes router 16B sending a ConditionalPathTear to router 16C and deleting its LSP state information. Whenrouter 16C receives the Conditional PathTear, router 16C determines thatit should retain the LSP state information because router 16C hadpreviously determined that it is a node protecting merge point forrouter 16A. Router 16C also determines whether router 16B had previouslysignaled availability of node protection to router 16C. As shown in FIG.5, router 16B had previously signaled node protection availability inits PATH RRO flags. Accordingly, router 16C resets the “local protectionavailable” and “NP available” flags in the PATH RRO flags correspondingto router 16B and triggers propagation of the PATH message 82 to router16D via link 20C. When router 16D receives the triggered PATH message,router 16D determines that it is no longer a node protecting merge pointand deletes the “remote” state information. However, router 16D does notpropagate the triggered PATH message further downstream because the onlychange in the triggered PATH message is in PATH RRO flags of router 16B.

If, at a later time, link 20A comes back up, router 16A may attempt torevert LSP 22 to traversing the original path rather than using bypassLSP 26. Router 16A may attempt to re-establish LSP 22 by at leastsignaling the same LSP instance to router 16B (e.g., using a PATHmessage). Router 16B receives the PATH message, creates LSP stateinformation for LSP 22 and propagates the PATH message to router 16C. Ininstances where router 16C determines that it retained state informationfor LSP 22, router 16C sends a RESV message to router 16B and does notpropagate the PATH message downstream.

Router 16B attempts to re-establish node protection (e.g., bypass LSP 28via router 16F as shown in FIG. 3). Once node protection becomesavailable again, router 16B sets the “node protection available” flag inthe RRO flags of a PATH message and sends the PATH message to router16C. Router 16C receives the PATH message and determines that the RROflags have changed as compared to the previously received PATH message.Responsive to determining that the RRO flags have changed, router 16Cpropagates the PATH message to router 16D. Router 16D receives thepropagated PATH message, determines, based on the “node protectionavailable” flag in the PATH message, that it is a node protecting mergepoint for router 16C, and recreates the “remote” LSP path stateinformation.

As the refresh timeout of the LSP state information may be high (e.g.,minutes), LSP state needs to be cleaned up properly even after localrepair. If the ingress router (e.g., PE router 12A) intends to tear downthe LSP or if the point of local repair is unable to perform localrepair, it would not be desirable to wait for backup LSP signaling toperform state cleanup. To enable LSP state cleanup when LSP is beinglocally repaired, nodes should send “remote” tear down messageinstructing the receiving node to delete LSP state.

For example, if, after link 20A fails, router 16A is unable to perform alocal repair, router 16A sends a Remote PathTear message to router 16Cas router 16C is the node protecting merge point for router 16A. Asdescribed above, in response to determining that link 20A failed, router16B deletes the LSP state information and sends a Conditional PathTearmessage to router 16C. If router 16C only received the ConditionalPathTear message from router 16B, router 16C would maintain LSP stateinformation so long as the remote NodeID Hello session with router 16Ais up. However, because router 16C also received a Remote PathTearmessage from router 16A, router 16C deletes the LSP state informationand sends a normal PathTear message to router 16D. Router 16D processesthe Remote PathTear message just like any other normal PathTear messagein as much as router 16D deletes the LSP state information.

FIG. 6 is a conceptual diagram illustrating an example conditionsobject, in accordance with one or more techniques of this disclosure. Asdescribed with respect to FIG. 5, a Conditional PathTear messageincludes a new object that specifies that the PathTear message is aConditional PathTear object. The Conditional PathTear message shown inFIG. 6 includes a Length field, a Class-Num field, a C-Type field, aReserved portion, and a new object, conditions object 92. The Lengthfield specifies the length of the CAPABILITY object. The Class-Num fieldspecifies the class number for the object. In order to provide backwardscompatibility (e.g., enable any RSVP-TE implementation that does notsupport Conditional PathTear to ignore the new object but process themessage as normal PathTear without generating any error), the Conditionsobject is assigned the class number of 188, the Class-Num field is setto 188. The C-Type field indicates the class type for the object withinthe class number. For the Conditions object messages, the C-Type fieldis set to 1. The reserved portion of the capability object is reservedfor future use.

M-bit 92 is a single bit and specifies the conditions under whichdefault processing rules of the RSVP message should be invoked. That is,conditions object 90 with M-bit 92 being set to 1 indicates that thePathTear message should be processed based on whether the receiving nodeis a merge point. If the receiving node is a merge point (i.e., a linkprotecting merge point or a node protecting merge point), the receivingnode will retain the LSP state information so long as the remote NodeIDHello session with point of local repair is up. If the receiving node isnot a merge point, then the receiving node will delete the LSP stateinformation.

FIG. 7 is a block diagram illustrating an example system in whichrouters are configured to respond to a node failure, in accordance withone or more techniques of this disclosure. In the example shown in FIG.7, router 16A has established bypass LSP 26 and has node protectionenabled. Router 16C is the node protecting merge point for router 16A.

As shown in FIG. 7, router 16B has failed. Router 16A, which is thepoint of local repair, performs local repair. That is, router 16Aupdates LSP 22 to include bypass LSP 26 such that LSP 22 traversesrouter 16A, 16E, and 16C rather than router 16A, 16B, and 16C. Whenrouter 16B fails, the link Hello session from router 16C to router 16Bwill fail, but the remote NodeID Hello session between router 16C androuter 16A (the point of local repair) remains up as router 16Aperformed local repair. As router 16C is the node protecting merge pointfor router 16A, so long as the remote NodeID Hello session betweenrouter 16C and 16A remains up, router 16C will retain the LSP stateinformation.

With the failure of router 16B, router 16D determines that the remoteNodeID Hello session with router 16B has failed. Based on the remoteNodeID Hello session failure, router 16D deletes the “remote” LSP pathstate information. However, because router 16D continues to receive RSVPrefresh message from router 16C and link Hello session with router 16Cis up, router 16D maintains LSP state information for LSP 22.

At a later point in time, router 16B comes back up. Router 16Adetermines that router 16B is back up and re-signals the same LSPinstance in an attempt to re-establish LSP 22 traversing the path alongrouters 16A, 16B, and 16. That is, router 16A sends a PATH message torouter 16B, instructing router 16B to re-establish LSP 22. Router 16Breceives the PATH message, creates LSP state information for LSP 22, andpropagates the PATH message to router 16C. In instances where router 16Cdetermines that it retained state information for LSP 22, router 16Csends a RESV message to router 16B and does not propagate the PATHmessage downstream.

Router 16B attempts to re-establish node protection (e.g., bypass LSP 28via router 16F as shown in FIG. 3). Once node protection becomesavailable again, router 16B sets the “node protection available” flag inthe RRO flags of a PATH message and sends the PATH message to router16C. Router 16C receives the PATH message and determines that the RROflags have changed as compared to the previously received PATH message.Responsive to determining that the RRO flags have changed, router 16Cpropagates the PATH message to router 16D. Router 16D receives thepropagated PATH message, determines, based on the “node protectionavailable” flag in the PATH message, that it is a node protecting mergepoint for router 16C, and recreates the “remote” LSP path stateinformation.

If, after router 16B fails, router 16A is unable to perform a localrepair, router 16A sends a Remote PathTear message to router 16C asrouter 16C is the node protecting merge point for router 16A. As router16C received an explicit PathTear requesting state deletion, router 16Cdeletes the LSP state information and sends a normal PathTear message torouter 16D. Router 16D process the normal PathTear message just like anyother normal PathTear message in as much as router 16D deletes the LSPstate information.

An LSP may be preempted by a new LSP. Details of how one LSP may bepreempted by another LSP are described in J. do Oliveira, “LabelSwitched Path (LSP) Preemption Polices for MPLS Traffic Engineering,”Network Working Group RFC 4829, April 2007, and M. Meyer, “MPLS TrafficEngineering Soft Preemption,” Internet Engineering Task Force RFC 5712,January 2010, the entire contents of each of which is incorporated byreference herein. In instances where an LSP is preempted when there isno failure along the path of the LSP, the node on which preemptionoccurs sends PathErr and ResvTear upstream and deletes the forwardingstate. If the LSP is being locally repaired and if the failure hasoccurred upstream to the node on which the LSP is preempted, then thenode would not be able to send PathErr or ResvTear upstream.

As one example, LSP 22 is preempted on router 16C after router 16B hasfailed, but before router 16A establishes bypass LSP 26. As router 16Chas retained LSP state information because router 16A refreshes LSP 22using signaling traversing bypass LSP 26, preemption of LSP 22 bringsdown LSP 22 and router 16C ceases being a node protecting merge point.As router 16C is no longer be a node protecting merge point, router 16Cneeds to remove the LSP state information for LSP 22. Router 16C deletesits reservation on link 20C by, for example, sending a normal PathTearmessage to router 16D, but router 16C cannot send PathErr or ResvTear torouter 16A because backup LSP 26 has not yet been signaled by router16A.

As router 16C retained LSP state information after router 16B failedbecause router 16C was a node protecting merge point, router 16C maysend normal PathTear to router 16D and delete the LSP state information.Router 16D may also delete state on receiving PathTear from router 16C.Router 16A starts backup LSP signaling to router 16C. But as router 16Cdoes not have the LSP state information for LSP 22, router 16C rejectsbackup LSP PATH and sends a PathErr to router 16A. Router 16A deletesits reservation and sends ResvTear to router 12A.

FIG. 8 is a block diagram illustrating an example system in whichrouters are configured to respond to a different link failure, inaccordance with one or more techniques of this disclosure. In theexample shown in FIG. 8, router 16B has established bypass LSP 28 andhas node protection enabled. Router 16D is the node protecting mergepoint for router 16B.

In some instances, router 16B is unable to perform local repair (i.e.,router 16B failed to bring up bypass LSP 28). With the failure of link20B and the local repair failure, router 16B sends a PathErr andResvTear message 102 to router 16A via link 20A, a Remote PathTear torouter 16D, and deletes LSP state information for LSP 22. Router 16Dreceives the Remote PathTear, deletes state information for LSP 22, andsends a ResvTear message 100 to router 16C via link 20C. As LSP 22 goesdown on router 16C (i.e., because router 16B was unable to perform localrepair) and as link 20B is already down, router 16C deletes LSP stateinformation for LSP 22.

In the example topology in FIG. 8, assume both router 16A has made nodeprotection available and router 16C has concluded it is a nodeprotecting merge point. When link 20B fails, router 16C retains LSPstate as it is a node protecting merge point. As router 16B has madenode protection available, router 16B will eventually complete backupLSP signaling with its corresponding node protecting merge point router16D. At the completion of backup LSP signaling, the RRO of the LSPcarried in RESV message sent by router 16B to router 16A will notinclude information for router 16C but will include information forrouter 16B and router 16D. When router 16A processes the RESV messagewith the new RRO values, which do not include information for the formernode protecting merge point of router 16A (i.e., router 16C), router 16Amay send Remote PathTear to router 16C. When router 16C receives theRemote PathTear message from its corresponding point of local repairrouter 16A, router 16C sends a normal PathTear message to router 16D anddeletes the LSP state stored at router 16C. As router 16D had alreadycompleted backup LSP signaling with its point of local repair (i.e.,router 16B), router 16D will have backup path state and will ignore thenormal PathTear from router 16C.

FIG. 9 is a block diagram illustrating an example system in whichrouters are configured to respond to a different node failure, inaccordance with one or more techniques of this disclosure. In theexample shown in FIG. 9, router 16B has established bypass LSP 28 andhas node protection enabled and router 16C has established bypass LSP 30and has link protection enabled. Router 16D is the node protecting mergepoint for router 16B and the link protecting merge point for router 16C.

As shown in FIG. 9, router 16C has failed. In general, when the NodeIDHello session between router 16D and router 16C (which is the point oflocal repair for the link protection) goes down, router 16D sends anormal PathTear message and deletes the LSP state. If router 16D, whichis both a link protecting merge point and a node protecting merge point,detects the failure of router 16C, then router 16D retains LSP stateuntil an RSVP refresh timeout.

In one example, router 16C has gone down and router 16B has not signaledbackup LSP 28 to router 16D. If router 16A intends to tear down LSP 22,then router 16A sends normal PathTear to router 16B. To enable LSP statecleanup, router 16B sends a Remote PathTear to router 16D. The RemotePathTear includes a destination IP address set to that of router 16D anda HOP object that includes the local address used in remote NodeID Hellosessions with router 16D. Because router 16D maintains a NodeID Hellosession with router 16B, router 16D accept the Remote PathTear fromrouter 16B and deletes the LSP state information for LSP 22. In thisway, routers 16 may clean up the LSP state information on all nodesalong the path of the LSP 22.

In some instances, router 16B is unable to perform local repair (i.e.,router 16B failed to bring up bypass LSP 28). With the failure of router16C and the local protection failure of router 16B, router 16B sends aPathErr and a ResvTear message 110 to router 16A via link 20A, a RemotePathTear message to router 16D, and deletes LSP state information forLSP 22. Router 16D receives the Remote PathTear and deletes stateinformation for LSP 22. That is, all nodes downstream of and immediateto the failure clean up LSP state information for LSP 22. However,router 16A may retain the LSP path state block without any forwardingentry in its forward tables.

FIG. 10 is a block diagram illustrating an example system in whichrouters are configured to respond to another, different link failure, inaccordance with one or more techniques of this disclosure. In theexample shown in FIG. 10, router 16B has established bypass LSP 28 andhas node protection enabled and router 16C has established bypass LSP 30and has link protection enabled. Router 16D is the node protecting mergepoint for router 16B and the link protecting merge point for router 16C.

As shown in FIG. 10, link 20C has failed. When link 20C fails, the linkHello session between routers 16C and 16D also fails whereas the NodeIDHello session between routers 16B and 16D remains up. As such, router16D retains the LSP state information for LSP 22. Moreover, router 16Dretains LSP state information for LSP 22 because router 16C has madelink protection available.

If LSP 22 is preempted on router 16D after router 16C or link 20C hasalready failed, but before the respective one of the backup LSPs hasbeen signaled over bypass LSPs 28 and 30, then router 16D sends a normalPathTear downstream and deletes the LSP state information for LSP 22. Asrouter 16D has retained LSP state information for LSP 22 because thepoint of local repair for the particular type of failure (i.e., therespective one of routers 16B and 16C) would refresh the LSP throughbackup LSP signaling, preemption would bring down LSP 22 and router 16Dwould no longer be a link protection or node protecting merge point,requiring router 16D to clean up LSP state.

In some instances, router 16C is unable to perform local repair (i.e.,router 16C failed to bring up a backup LSP or bypass LSP 30). Such afailure may trigger LSP state clean up from router 16C to the egressrouter (e.g., PE router 12B of FIG. 1). That is, with the failure oflink 20C and the local protection failure of router 16C, router 16Csends a PathErr and a ResvTear message 120 to router 16B via link 20C, aRemote PathTear message to router 16D, and deletes LSP state informationfor LSP 22. Router 16D receives the Remote PathTear and deletes stateinformation for LSP 22. Responsive to receiving the ResvTear messagefrom router 16C, router 16B brings down LSP 22 and sends a ResvTear torouter 16A. Similarly, responsive to receiving the ResvTear message fromrouter 16B, router 16A brings down LSP 22.

FIG. 11 is a flowchart illustrating an example operation of networkdevices in accordance with one or more techniques of this disclosure.For purposes of illustration, FIG. 11 will be described with referenceto FIGS. 1 and 2. For example, FIG. 11 refers to a point of local repairnetwork device and a merge point network device, which, in one example,maybe PLR router 16A and MP router 16C of FIG. 1. Router 16A isdescribed as having the elements of router 30 shown in FIG. 2.

Router 16A receives a PATH message from the LSP ingress, PE router 12A,to set up LSP 22 (200). PE router 12A signals whether local protectionis by selectively setting a flag of the SESSION_ATTRIBUTE object of thePATH message. Router 16A propagates the PATH message downstream (202) tocontinue to set up the LSP. PE router 12B (i.e., the egress router forthe LSP) receives the PATH message and sends back a RESV messageindicating that the LSP is being established. Router 16A receives a RESVmessage from an downstream router (e.g., router 16B) indicating that theLSP is setup downstream of router 16A (204). Responsive to receiving theRESV message, protection module 56 of router 16A may determine whetherlocal protection is desired for LSP 22 (206). Protection module mayanalyze the received PATH message in response to receiving the RESVmessage or may analyze the PATH message in response to receiving thePATH message. In either instance, if protection module 56 of router 16Adetermines that local protection is not desired (“NO” branch of 206),router 16A does not attempt to set up link protection or nodeprotection.

If protection module 56 determines that local protection is desired(“YES” branch of 202), protection module 56 determines whether nodeprotection is desired (208). While illustrated as two separate decisionswith the node protection determination following the local protectiondetermination, protection module 56 may determine whether localprotection and/or node protection is desired in parallel or in anyorder. If protection module 56 determines that node protection is notdesired (“NO” branch of 208), RSVP-TE 45 attempts to establish a bypassLSP between router 16A and router 16B once the protected LSPestablishment is determined to be successful based on the arrival ofRESV message from the next hop router (i.e., router 16B) (210). Ininstances where RSVP-TE 45 establishes the bypass LSP, RSVP-TE 45generates a PATH message indicating that link protection is available(212) and sends the PATH message to router 16B (218).

In the example shown in FIG. 1, protection module 56 determines thatnode protection is desired (“YES” branch of 208). Responsive todetermining that node protection is desired (“YES” branch of 208),protection module 56 attempts to make node protection available byestablishing bypass LSP 26 between router 16A and router 16C (214). Ifprotection module 56 successfully sets up node link protection,protection module 56 signals that node protection is available bygenerating a new PATH message indicating that node protection isavailable (216) and sends the PATH message downstream to router 16B(218).

FIG. 12 is a flowchart illustrating an example operation of networkdevices in accordance with one or more techniques of this disclosure.For purposes of illustration, FIG. 12 will be described with referenceto FIGS. 1 and 2. Router 16C is described as having the elements ofrouter 30 shown in FIG. 2.

In one example, router 16C receives a Conditional PathTear message fromrouter 16B (300). When router 16C receives the Conditional PathTearmessage from router 16B, router 16C does not immediately delete its LSPstate information. Instead, MP determination module 58 of router 16Cchecks whether router 16B previously set “NP available” flag in the PATHmessage RRO flags (302). That is, router 16C determines whether it is anode protecting merge point (302). If router 16C determines that it isnot a node protecting merge point (“NO” branch of 302), router 16Cgenerates a normal PathTear message (i.e., without the optional object)(304), sends the PathTear message downstream (e.g., to router 16D)(306), and removes the LSP state information for LSP 22 (308). If router16C determines that it is not a node protecting merge point (“YES”branch of 302), router 16C retains the LSP state information for LSP 22(310), clears the “local protection available” and “NP available” flagsin the PATH message RRO flags (312) and sends the PATH messagedownstream (e.g., to router 16D) (314)

FIG. 13 is a flowchart illustrating an example operation of networkdevices in accordance with one or more techniques of this disclosure.For purposes of illustration, FIG. 13 will be described with referenceto FIGS. 1 and 2. PE router 12A initiates takedown of LSP 22 and sends anormal PathTear message to router 16A. Router 16A receives the normalPathTear message (400). In order to facilitate state cleanup for LSP 22,router 16A determines whether the next hop node (i.e., router 16B) orthe link to next hop node (i.e., link 20A) has failed (402). If router16A determines that router 16B and link 20A have not failed (i.e., areup) (“NO” branch of 402), teardown module 60 of router 16A generates anormal PathTear message (404). The destination IP address of the normalPathTear message is the IP address of router 16B. Router 16A sends thenormal PathTear message to router 16B (406). If router 16A determinesthat router 16B or link 20A has failed (“YES” branch of 402), teardownmodule 60 generates a remote PathTear message (408). The destination IPaddress of the remote PathTear message is the IP address of the nextnext hop (i.e., the merge point). In the example network topology shownin FIG. 1, the destination IP address specified in the remote PathTearis the IP address of router 16C. Router 16A sends the remote PathTearmessage to router 16C (410). Regardless of whether router 16A determinesthat the next hop node or the link to the next hop node has failed,router 16A removes the LSP state information for LSP 22 (412)

FIG. 14 is a flowchart illustrating an example operation of networkdevices in accordance with one or more techniques of this disclosure.For purposes of illustration, FIG. 14 will be described with referenceto FIGS. 1 and 2. Router 16A receives a RESV message having changed RROvalues from a downstream device along the LSP (e.g., router 16B) (500).Router 16A analyzes the RESV message to determine the changes in the RROvalues. In particular, router 16A may determine whether the RESV RROvalues still include information for the node protecting merge point(e.g., router 16C) (502). If router 16A processes the RESV message withthe new RRO values and determines that information for the former nodeprotecting merge point of router 16A (i.e., router 16C) is not includes(“NO” branch of 502), router 16A may send generate a Remote PathTearmessage (504) and send the Remote PathTear to the former node protectingmerge point (i.e., router 16C) (506). If router 16A determines thatinformation for the node protecting merge point is included in the RROvalues of the RESV message (“YES” branch of 502), router 16A propagatesthe RESV message upstream along the LSP (e.g., to router 12A) (508).

The techniques described in this disclosure may be implemented, at leastin part, in hardware, software, firmware or any combination thereof. Forexample, various aspects of the described techniques may be implementedwithin one or more processors, including one or more microprocessors,digital signal processors (DSPs), application specific integratedcircuits (ASICs), field programmable gate arrays (FPGAs), or any otherequivalent integrated or discrete logic circuitry, as well as anycombinations of such components. The term “processor” or “processingcircuitry” may generally refer to any of the foregoing logic circuitry,alone or in combination with other logic circuitry, or any otherequivalent circuitry. A control unit comprising hardware may alsoperform one or more of the techniques of this disclosure.

Such hardware, software, and firmware may be implemented within the samedevice or within separate devices to support the various operations andfunctions described in this disclosure. In addition, any of thedescribed units, modules or components may be implemented together orseparately as discrete but interoperable logic devices. Depiction ofdifferent features as modules or units is intended to highlightdifferent functional aspects and does not necessarily imply that suchmodules or units must be realized by separate hardware or softwarecomponents. Rather, functionality associated with one or more modules orunits may be performed by separate hardware or software components, orintegrated within common or separate hardware or software components.

The techniques described in this disclosure may also be embodied orencoded in a computer-readable medium, such as a computer-readablestorage medium, containing instructions. Instructions embedded orencoded in a computer-readable medium may cause a programmableprocessor, or other processor, to perform the method, e.g., when theinstructions are executed. Computer-readable media may includenon-transitory computer-readable storage media and transientcommunication media. Computer readable storage media, which is tangibleand non-transitory, may include random access memory (RAM), read onlymemory (ROM), programmable read only memory (PROM), erasableprogrammable read only memory (EPROM), electronically erasableprogrammable read only memory (EEPROM), flash memory, a hard disk, aCD-ROM, a floppy disk, a cassette, magnetic media, optical media, orother computer-readable storage media. It should be understood that theterm “computer-readable storage media” refers to physical storage media,and not signals, carrier waves, or other transient media.

Various aspects of this disclosure have been described. These and otheraspects are within the scope of the following claims.

What is claimed is:
 1. A method comprising: receiving, with a firstnetwork device and from a second network device, a first resourcereservation path message for establishing a label switched path betweenthe second network device and a third network device by way of the firstnetwork device such that the first network device is positioned betweenthe second network device and the third network device along the labelswitched path, wherein the first resource reservation path messagespecifies whether local protection is desired for the label switchedpath; sending, by the first network device, the first resourcereservation path message to a next hop network device toward the thirdnetwork device along the label switched path; and responsive todetermining that the first resource reservation path message specifiesthat local protection is desired and responsive to receiving a resourcereservation resv message from the next hop network device: establishing,by the first network device, a bypass label switched path between thefirst network device and a merge point network device along the labelswitched path, wherein the bypass label switched path bypasses aprotected network resource positioned along the label switched pathbetween the first network device and the merge point network device;generating, by the first network device, a second resource reservationpath message that specifies that local protection has been establishedfor the label switched path at the first network device; and sending, bythe first network device and to the next hop network device along thelabel switched path, the second resource reservation path message. 2.The method of claim 1, wherein the first resource reservation pathmessage further specifies whether node protection is desired, the methodfurther comprising: responsive to determining that the first resourcereservation path message specifies that local protection and nodeprotection is desired: establishing, by the first network device, abypass label switched path between the first network device and themerge point network device, wherein the bypass label switched pathbypasses a protected network device positioned between the first networkdevice and the merge point network device; and generating, by the firstnetwork device, the second resource reservation path message specifyingthat node protection is available; and responsive to determining thatthe first resource reservation path message specifies that localprotection is desired and that node protection is not desired:establishing, by the first network device, a bypass label switched pathbetween the first network device and the merge point network device,wherein the bypass label switched path bypasses a protected network linkpositioned between the first network device and the merge point networkdevice; and generating, by the first network device, the second resourcereservation path message specifying that link protection is available.3. The method of claim 2, wherein the first resource reservation pathmessage includes a local protection flag and a node protection flag,wherein the first resource reservation path message specifies that localprotection is desired when the local protection flag is set, and whereinthe first resource reservation path message specifies that nodeprotection is desired when the node protection flag is set.
 4. Themethod of claim 1, wherein the first resource reservation path messageincludes a local protection flag, and wherein the first resourcereservation path message specifies that local protection is desired whenthe local protection flag is set.
 5. The method of claim 1, wherein thesecond resource reservation path message that specifies local protectionis available by at least including a protection availability flag thatis set.
 6. The method of claim 1, further comprising: sending, by thefirst network device, a remote resource reservation hello message,wherein a destination address of the remote resource reservation hellomessage is an address of the merge point network device, wherein themerge point network device is a next next hop of the first networkdevice; and receiving, by the first network device and from the mergepoint network device, a remote resource reservation hello message ackmessage sent in response to the remote resource reservation hellomessage.
 7. The method of claim 1, wherein the first resourcereservation path message includes an enhanced facility protection flag,and wherein the resource reservation resv message is a first resourcereservation resv message, the method further comprising: determining, bythe first network device and based at least in part on the enhancedfacility protection flag of the first resource reservation path message,whether the second network device supports enhanced facility protection;responsive to determining, by the first network device, that the secondnetwork device does not support enhanced facility protection,generating, by the first network device, a second resource reservationresv message that specifies a refresh time value that is smaller than ifthe second network device did support enhanced facility protection; andsending, from the first network device to the second network device, theresource reservation resv message.
 8. The method of claim 1, wherein theresource reservation resv message is a first resource reservation resvmessage, the method further comprising: receiving, by the first networkdevice, from the next hop device, a second resource reservation resvmessage that includes an enhanced facility protection flag; determining,by the first network device and based at least in part on the enhancedfacility protection flag of the second resource reservation resvmessage, whether the next hop network device supports enhanced facilityprotection; responsive to determining, by a first network device, thatthe next hop network device does not support enhanced facilityprotection fast reroute, generating, by the first network device, athird resource reservation path message that specifies a refresh timevalue that is smaller than if the second network device did supportenhanced facility protection fast reroute; and sending, from the firstnetwork device to the next hop network device, the third resourcereservation path message.
 9. The method of claim 1, wherein the resourcereservation resv message is a first resource reservation resv message,the method further comprising: receiving, by the first network device,from the second network device, a resource reservation hello messagethat includes an enhanced facility protection flag; determining, by thefirst network device and based at least in part on the enhanced facilityprotection flag of the first resource reservation hello message, whetherthe second network device supports enhanced facility protection;responsive to determining, by a first network device, that the secondnetwork device does not support enhanced facility protection fastreroute, generating, by the first network device, a second resourcereservation resv message that specifies a refresh time value that issmaller than if the second network device did support enhanced facilityprotection fast reroute; and sending, from the first network device tothe second network device, the second resource reservation resv message.10. The method of claim 1, wherein the resource reservation resv messageis a first resource reservation resv message, the method furthercomprising: receiving, by the first network device, from the next hopnetwork device, a resource reservation hello message that includes anenhanced facility protection flag; determining, by the first networkdevice and based at least in part on the enhanced facility protectionflag of the first resource reservation hello message, whether the secondnetwork device supports enhanced facility protection; responsive todetermining, by a first network device, that the second network devicedoes not support enhanced facility protection fast reroute, generating,by the first network device, a second resource reservation path messagethat specifies a refresh time value that is smaller than if the secondnetwork device did support enhanced facility protection fast reroute;and sending, from the first network device to the second network device,the second resource reservation path message.
 11. The method of claim 1,wherein the first resource reservation path message specifies a refreshinterval of at least one minute.
 12. A first network device comprising:one or more network interface cards; and a control unit configured to:receive, from a second network device using at least one of the one ormore network interface cards, a first resource reservation path messagefor establishing a label switched path between the second network deviceand a third network device by way of the first network device such thatthe first network device is positioned between the second network deviceand the third network device along the label switched path, wherein thefirst resource reservation path message specifies whether localprotection is desired for the label switched path; send the firstresource reservation path message to a next hop network device towardthe third network device along the label switched path; responsive todetermining that the first resource reservation path message specifiesthat local protection is desired and responsive to receiving a resourcereservation resv message from the next hop network device: establish abypass label switched path between the first network device and a mergepoint network device along the label switched path, wherein the bypasslabel switched path bypasses a protected network resource positionedalong the label switched path between the first network device and themerge point network device; generate a second resource reservation pathmessage that specifies that local protection has been established forthe label switched path at the first network device; and send, to thenext hop network device along the label switched path using at least oneof the one or more network interface cards, the second resourcereservation path message.
 13. The first network device of claim 12,wherein the first resource reservation path message further specifieswhether node protection is desired, and wherein the control unit isfurther configured to: responsive to determining that the first resourcereservation path message specifies that local protection and nodeprotection is desired: establish a bypass label switched path betweenthe first network device and the merge point network device, wherein thebypass label switched path bypasses a protected network devicepositioned between the first network device and the merge point networkdevice; and generate the second resource reservation path messagespecifying that node protection is available; and responsive todetermining that the first resource reservation path message specifiesthat local protection is desired and that node protection is notdesired: establish a bypass label switched path between the firstnetwork device and the merge point network device, wherein the bypasslabel switched path bypasses a protected network link positioned betweenthe first network device and the merge point network device; andgenerate the second resource reservation path message specifying thatlink protection is available.
 14. The first network device of claim 13,wherein the first resource reservation path message includes a localprotection flag and a node protection flag, wherein the first resourcereservation path message specifies that local protection is desired whenthe local protection flag is set, and wherein the first resourcereservation path message specifies that node protection is desired whenthe node protection flag is set.
 15. The first network device of claim12, wherein the first resource reservation path message includes a localprotection flag, and wherein the first resource reservation path messagespecifies that local protection is desired when the local protectionflag is set.
 16. The first network device of claim 12, wherein thesecond resource reservation path message that specifies local protectionis available by at least including a protection availability flag thatis set.
 17. The first network device of claim 12, wherein the controlunit is configured to send, using at least one of the one or morenetwork interface cards, a remote resource reservation hello message,wherein a destination address of the remote resource reservation hellomessage is an address of the merge point network device, wherein themerge point network device is a next next hop of the first networkdevice, and receive, from the merge point network device, a remoteresource reservation hello message ack message sent in response to theremote resource reservation hello message.
 18. The first network deviceof claim 12, wherein the first resource reservation path messageincludes an enhanced facility protection flag, wherein the resourcereservation resv message is a first resource reservation resv message,and wherein the control unit is configured to: determine, based at leastin part on the enhanced facility protection flag of the first resourcereservation path message, whether the second network device supportsenhanced facility protection; responsive to determining that the secondnetwork device does not support enhanced facility protection, generate asecond resource reservation resv message that specifies a refresh timevalue that is smaller than if the second network device did supportenhanced facility protection; and send, to the second network device andusing at least one of the one or more network interface cards, thesecond resource reservation resv message.
 19. The first network deviceof claim 12, wherein the resource reservation resv message is a firstresource reservation resv message, and wherein the control unit isconfigured to: receive, from the next hop device and using at least oneof the one or more network interface cards, a resource reservation resvmessage that includes an enhanced facility protection flag; determine,based at least in part on the enhanced facility protection flag of thefirst resource reservation resv message, whether the next hop networkdevice supports enhanced facility protection; responsive to determiningthat the next hop network device does not support enhanced facilityprotection fast reroute, generate a second resource reservation pathmessage that specifies a refresh time value that is smaller than if thesecond network device did support enhanced facility protection fastreroute; and send, to the next hop network device and using at least oneof the one or more network interface cards, the second resourcereservation path message.
 20. The first network device of claim 12,wherein the resource reservation resv message is a first resourcereservation resv message, and wherein the control unit is configured to:receive, from the second network device and using at least one of theone or more network interface cards, a resource reservation hellomessage that includes an enhanced facility protection flag; determine,based at least in part on the enhanced facility protection flag of thefirst resource reservation hello message, whether the second networkdevice supports enhanced facility protection; responsive to determining,by a first network device, that the second network device does notsupport enhanced facility protection fast reroute, generate a secondresource reservation resv message that specifies a refresh time valuethat is smaller than if the second network device did support enhancedfacility protection fast reroute; and send, to the second network deviceand using at least one of the one or more network interface cards, thesecond resource reservation resv message.
 21. The first network deviceof claim 12, wherein the resource reservation resv message is a firstresource reservation resv message, and wherein the control unit isconfigured to: receive, from the next hop network device and using atleast one of the one or more network interface cards, a resourcereservation hello message that includes an enhanced facility protectionflag; determine, based at least in part on the enhanced facilityprotection flag of the first resource reservation hello message, whetherthe second network device supports enhanced facility protection;responsive to determining that the second network device does notsupport enhanced facility protection fast reroute, generate second aresource reservation path message that specifies a refresh time valuethat is smaller than if the second network device did support enhancedfacility protection fast reroute; and send, to the second network deviceand using at least one of the one or more network interface cards, thesecond resource reservation path message.
 22. The first network deviceof claim 12, wherein the first resource reservation path messagespecifies a refresh interval of at least one minute.
 23. Anon-transitory computer-readable storage medium encoded withinstructions for causing one or more processors of a first networkdevice to: receive, from a second network device, a first resourcereservation path message for establishing a label switched path betweenthe second network device and a third network device by way of the firstnetwork device such that the first network device is positioned betweenthe second network device and the third network device along the labelswitched path, wherein the first resource reservation path messagespecifies whether local protection is desired for the label switchedpath; send the first resource reservation path message to a next hopnetwork device toward the third network device along the label switchedpath and responsive to receiving a resource reservation resv messagefrom the next hop network device; and responsive to determining that thefirst resource reservation path message specifies that local protectionis desired and responsive to receiving a resource reservation resvmessage from the next hop network device: establish a bypass labelswitched path between the first network device and a merge point networkdevice along the label switched path, wherein the bypass label switchedpath bypasses a protected network resource positioned along the labelswitched path between the first network device and the merge pointnetwork device; generate a second resource reservation path message thatspecifies that local protection has been established for the labelswitched path at the first network device; and send, to the next hopnetwork device along the label switched path, the second resourcereservation path message.